Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A non-transitory computer readable medium storing computer-executable instructions that, in response to execution, cause a device comprising a processor to perform operations, comprising:
   a. Communicatively coupling a home key distribution center via a wide area network to an infrastructure key distribution center;
   b. Transmitting a security certificate via a wide area network to the infrastructure key distribution center;
   c. receiving a reply security certificate via the wide area network from the infrastructure key distribution center;
   d. sending a secure request via the wide area network for a ticket-granting ticket to the infrastructure key distribution center;
   e. receiving via the wide area network from the infrastructure key distribution center the ticket-granting ticket that provides authorization data that is used to determine which client device(s) are authorized to share content on a home network; and
   f. distributing a server ticket to another client device within the home network only when the other client device is determined to be authorized, based on the authorization data associated with the ticket granting ticket, to receive content from other devices in the home network, wherein the server ticket identifies a client device operating as a server within the home network, and wherein the server ticket can be used by the other client device to obtain content from the server using a content key generated by the server that is unique to a combination of the server and the content and wherein the content key has been encrypted by a key that is unique to the server, and wherein the content is encrypted with the content key.
A system manages digital rights for content distribution within a home network. A "home key distribution center" (like a central server) connects to an "infrastructure key distribution center" (like a service provider's server) via the internet. The home server sends its security certificate to the service provider and receives a reply. It then requests a "ticket-granting ticket" which contains data about which devices are authorized to share content on the home network. The home server then distributes a "server ticket" to other devices on the home network, but ONLY if those devices are authorized by the ticket-granting ticket. This server ticket allows the receiving device to get content from a "server" device (like a set-top box) using a unique "content key" created by the server device. The content itself is encrypted with this content key, adding a layer of security.
2. The non-transitory computer-readable medium of claim 1, further comprising instructions for forwarding authorization data from the home key distribution center to other devices in the home network.
Building upon the digital rights management system described previously, the "home key distribution center" (like a central server), after receiving authorization data about which devices are authorized to share content on the home network, also forwards that authorization data directly to other devices within the home network. This allows these other devices to independently verify whether other client devices are authorized, without constantly needing to query the home key distribution center, thus reducing latency and network load. This forwarding mechanism ensures consistent enforcement of authorization policies across the entire home network for content distribution.
3. The non-transitory computer-readable medium of claim 1, wherein the instructions that control the home key distribution center further enable the home key distribution center to securely receive operator updates to the authorization data sent through the infrastructure key distribution center.
In the digital rights management system, the "home key distribution center" not only manages authorization, but it can also securely receive updates to that authorization data from the service provider's "infrastructure key distribution center." This allows the service provider to remotely manage and update the permissions and restrictions of content sharing on the home network. The home key distribution center ensures secure reception and application of these updates, guaranteeing that changes to content access are centrally controlled and consistently enforced across all devices in the home network.
4. The non-transitory computer-readable medium of claim 3, wherein the authorization data contains data selected from the group consisting of: certificate revocation lists for infrastructure key distribution centers, home key distribution centers, or IP rights management (IPRM) clients; limits on the size of the home domain; a list of device identifiers that are allowed in the home domain; or combinations of the above.
Within the digital rights management system, the authorization data used by the "home key distribution center" to control content sharing contains information such as: lists of revoked security certificates for the service provider's servers ("infrastructure key distribution centers"), the home's central server ("home key distribution centers"), or client devices ("IPRM clients"); limits on the number of devices allowed in the home network; and/or a list of specific device identifiers that are permitted to join and participate in the home network. The combination of these different data points is used to comprehensively manage and enforce the digital rights and access policies for content distributed within the home.
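The gate in step f of claim 1, driven by the authorization data listed in claim 4, can be sketched as follows. This is an added example, not code from the patent: the class and function names, the field layout, and the use of HMAC-SHA256 to get a key unique to each server and content pair are assumptions, and wrapping the content key under the server's own key is not shown.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

@dataclass
class AuthorizationData:
    """Fields mirror claim 4; the layout is an assumption of this example."""
    allowed_device_ids: set
    revoked_cert_serials: set
    max_domain_size: int

@dataclass
class HomeKDC:
    authz: AuthorizationData              # delivered with the ticket-granting ticket
    members: set = field(default_factory=set)

    def issue_server_ticket(self, device_id, cert_serial, server_id):
        """Claim 1 step f: a server ticket goes only to an authorized client."""
        if cert_serial in self.authz.revoked_cert_serials:
            return None, "certificate revoked"
        if device_id not in self.authz.allowed_device_ids:
            return None, "device not in allowed list"
        is_new = device_id not in self.members
        if is_new and len(self.members) >= self.authz.max_domain_size:
            return None, "home domain full"
        self.members.add(device_id)
        return {"client": device_id, "server": server_id}, "ok"

def content_key(server_secret: bytes, server_id: str, content_id: str) -> bytes:
    """Key bound to one (server, content) pair; HMAC-SHA256 is this example's choice."""
    msg = server_id.encode() + b"\x00" + content_id.encode()
    return hmac.new(server_secret, msg, hashlib.sha256).digest()

if __name__ == "__main__":
    # Constructed sample data: device names, serials and the secret are made up.
    authz = AuthorizationData({"tv", "tablet", "phone"}, {"serial-9"}, 2)
    kdc = HomeKDC(authz)
    for dev, serial in [("tv", "serial-1"), ("laptop", "serial-2"),
                        ("tablet", "serial-9"), ("tablet", "serial-3"),
                        ("phone", "serial-4")]:
        print(dev, kdc.issue_server_ticket(dev, serial, "stb-1"))
    secret = b"constructed-server-secret"
    print(content_key(secret, "stb-1", "movie-1").hex())
```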
September 2, 2014